Lucene search
K

34 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-49346

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and 16-bit bit...

7.1CVSS6AI score0.00227EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in glib2.0

A issue was discovered in GNOME GLib before versions 2.66.7 and 2.67.x before version 2.67.4. If the gbytearraynewtake function was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2^32, resulting in unintended length truncation...

7.5CVSS7AI score0.0408EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/09 12:0 a.m.7 views

CVE-2023-29146

The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer value 32-bit. Attackers could create a collidi...

5.5AI score0.00123EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 2:29 a.m.8 views

CVE-2026-48959

IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes per iteration...

5.7AI score0.00373EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/22 2:31 a.m.6 views

CVE-2026-39834

When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...

9.1CVSS5.9AI score0.00466EPSS
Exploits0
OSV
OSV
added 2026/05/08 3:16 p.m.10 views

UBUNTU-CVE-2026-43368

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential overflow of shmem scatterlist length When a scatterlists table of a GEM shmem object of size 4 GB or more is populated with pages allocated from a folio, unsigned int .length attribute of a scatterlist may...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References8
HackRead
HackRead
added 2026/05/07 12:0 p.m.10 views

Google Chrome Accused of Silently Installing 4GB AI Model on User Devices

Cybersecurity researcher Alexander Hanff claims that Google Chrome automatically installs a 4GB Gemini Nano AI model without user notification or consent...

5.8AI score
Exploits0
Cvelist
Cvelist
added 2026/05/05 3:29 p.m.90 views

CVE-2026-43073 x86-64: rename misleadingly named '__copy_user_nocache()' function

In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named 'copyusernocache' function This function was a masterclass in bad naming, for various historical reasons. It claimed to be a non-cached user copy. It is literally neither of those things. It's a...

0.00117EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.4 views

PT-2026-31875

Name of the Vulnerable Software and Affected Versions wolfCrypt affected versions not specified Description An integer overflow in the wolfCrypt CMAC implementation could allow for the forging of CMAC tags. The wc CmacUpdate function incorrectly skipped XOR-chaining on the first block due to a...

8.2CVSS5.8AI score0.0042EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/03 12:24 a.m.3 views

SUSE CVE-2026-27596

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...

5.5CVSS5.7AI score0.00367EPSS
Exploits0References7
NVD
NVD
added 2026/03/02 8:16 p.m.5 views

CVE-2026-27596

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...

7.5CVSS0.00367EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/03/02 8:16 p.m.4 views

CVE-2026-27596

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...

7.5CVSS6.4AI score0.00367EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 8 : glib2-2.56.4-10.el8.1 (AXSA:2021-2316:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2316:04 advisory. glib: integer overflow in gbytearraynewtake function when called with a buffer of 4GB or more on a 64-bit platform CVE-2021-27218 Tenable has extracted the...

7.5CVSS8.1AI score0.0408EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.5 views

PT-2026-22695

Name of the Vulnerable Software and Affected Versions Exiv2 versions prior to 0.28.8 Description Exiv2 is a C++ library and a command-line utility used to read, write, delete, and modify image metadata formats like Exif, IPTC, XMP, and ICC. A flaw exists in the preview component that can lead to ...

8.1CVSS6.7AI score0.00367EPSS
Exploits2References60
RedHat Linux
RedHat Linux
added 2025/10/27 8:25 p.m.6 views

kernel: block: fix adding folio to bio

In the Linux kernel, the following vulnerability has been resolved: block: fix adding folio to bio 4GB folio is possible on some ARCHs, such as aarch64, 16GB hugepage is supported, then 'offset' of folio can't be held in 'unsigned int', cause warning in bioaddfolionofail and IO failure. Fix it by...

5.5CVSS5.7AI score0.00152EPSS
Exploits0References5
OSV
OSV
added 2025/10/19 10:31 p.m.5 views

JLSEC-2025-156 An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4

An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If gbytearraynewtake was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 232, causing unintended length truncation...

7.5CVSS7.2AI score0.0408EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-27218

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If gbytearraynewtake was called with a buffer of 4GB or more on a 64-bit platform,...

7.5CVSS7AI score0.0408EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 7:15 p.m.0 views

DEBIAN-CVE-2024-27304

pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. T...

9.8CVSS8.2AI score0.01109EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.3 views

SUSE CVE-2018-16301

The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:readinfile. To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump...

7.8CVSS7.4AI score0.00626EPSS
Exploits0References30
OSV
OSV
added 2022/08/26 11:4 a.m.4 views

OESA-2022-1863 tcpdump security update

Tcpdump is a command-line tool for monitoring network traffic. Tcpdump can capture and display the packet headers on a particular network interface or on all interfaces. Tcpdump can display all of the packet headers, or just the ones that match particular criteria. Security Fixes: The command-lin...

7.8CVSS7.4AI score0.00626EPSS
Exploits0References2
Rows per page
Query Builder